package com.hoppinzq.service;

import com.hoppinzq.service.auth.AuthenticationContext;
import com.hoppinzq.service.auth.AuthenticationProvider;
import com.hoppinzq.service.common.HoppinInvocationRequest;
import com.hoppinzq.service.common.UserPrincipal;
import com.hoppinzq.service.exception.AuthenticationFailedException;

import java.io.Serializable;

public class CheckIsHoppinzq implements AuthenticationProvider, Serializable {

    @Override
    public void authenticate(HoppinInvocationRequest hoppinInvocationRequest) throws AuthenticationFailedException {
        if (hoppinInvocationRequest.getCredentials() != null && hoppinInvocationRequest.getCredentials() instanceof UserPrincipal) {
            //获取调用方凭证
            UserPrincipal upp = (UserPrincipal) hoppinInvocationRequest.getCredentials();
            if ("hoppinzq".equals(upp.getSecretId())) {
                AuthenticationContext.setPrincipal(upp);
            } else {
                throw new AuthenticationFailedException("身份验证失败");
            }
        } else {
            throw new AuthenticationFailedException("缺少凭据");
        }
    }
}
